package com.zdb.controller;


import com.zdb.pojo.LoginUser;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping("/demo")
public class DemoCntroller {
    private static final Logger log = LoggerFactory.getLogger(DemoCntroller.class);

    @PreAuthorize("hasAuthority('all')")
    @PostMapping("/test")
    public String login() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        LoginUser user = (LoginUser )authentication.getPrincipal();
        log.info("用户信息：{}", user.getAuthorities());
        return "test";
    }
    @PreAuthorize("hasAuthority('youke:get')")
    @PostMapping("/youke")
    public String youke() {
        return "youke";
    }
}
